azure 资源专用端点创建错误

Question

我正在尝试使用 terraform 为 Azure Function App 创建专用端点

functionApp 的代码是

resource "azurerm_resource_group" "example" {
  name     = "azure-functions-test-rg"
  location = "West Europe"
}

resource "azurerm_storage_account" "example" {
  name                     = "functionsapptestsa"
  resource_group_name      = azurerm_resource_group.example.name
  location                 = azurerm_resource_group.example.location
  account_tier             = "Standard"
  account_replication_type = "LRS"
}

resource "azurerm_app_service_plan" "example" {
  name                = "azure-functions-test-service-plan"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  sku {
    tier = "PremiumContainer"
    size = "P1"
  }
}

resource "azurerm_function_app" "example" {
  name                       = "test-azure-functions"
  location                   = azurerm_resource_group.example.location
  resource_group_name        = azurerm_resource_group.example.name
  app_service_plan_id        = azurerm_app_service_plan.example.id
  storage_account_name       = azurerm_storage_account.example.name
  storage_account_access_key = azurerm_storage_account.example.primary_access_key
}

一切正常，函数应用程序已创建。我正在尝试使用以下代码创建此函数应用程序的专用端点

resource "azurerm_private_endpoint" "examplepe" {
  name                = "example-endpoint"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  subnet_id           = azurerm_subnet.endpoint.id  #dummy data

  private_service_connection {
    name                           = "example-privateserviceconnection"
    is_manual_connection           = false
    private_connection_resource_id = azurerm_function_app.example.id
    subresource_names  = ["blob"]
  }
}

我收到的错误是“创建专用端点“资源名称”时出错...发送请求失败:Statuscode=0 -- 原始错误:代码=“BadRequest”消息=“调用 Microsoft.Web/站点失败” 。错误消息:GroupId 无效。” 详细信息=[]

谢谢

Answer 1

问题在于选择了不正确的子资源名称。

Resource Type   SubResource Name    Secondary SubResource Name
Data Lake File System Gen2  dfs dfs_secondary
Sql Database / Data Warehouse   sqlServer   
Storage Account blob    blob_secondary
Storage Account file    file_secondary
Storage Account queue   queue_secondary
Storage Account table   table_secondary
Storage Account web web_secondary
Web App / Function App  sites   
Web App / Function App Slots    sites-<slotName>    

https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint#subresource_names

这包含子资源的详细信息